cook policy-keystore into drools image

OOM team reported issues with ONAP installation in
terms of config map sizes.   After discussion with
OOM team, one solution is to cook it in the docker
image itself.   This will solve the size issue on
the OOM side.

Change-Id: I6848370f119cabdae450a1153a88ebd8c0f6b392
Issue-ID: POLICY-747
Signed-off-by: Jorge Hernandez <jh1730@att.com>

diff --git a/packages/base/src/files/etc/ssl/policy-keystore b/packages/base/src/files/etc/ssl/policy-keystore
new file mode 100644 (file)
index 0000000..c389096
Binary files /dev/null and b/packages/base/src/files/etc/ssl/policy-keystore differ

diff --git a/packages/docker/src/main/docker/do-start.sh b/packages/docker/src/main/docker/do-start.sh
index c1ae41d..dfb65e5 100644 (file)
--- a/packages/docker/src/main/docker/do-start.sh
+++ b/packages/docker/src/main/docker/do-start.sh
@@ -56,10 +56,10 @@ else
 
        . /opt/app/policy/etc/profile.d/env.sh
 
-       # install policy keystore
-
-       mkdir -p ${POLICY_HOME}/etc/ssl
-       cp config/policy-keystore ${POLICY_HOME}/etc/ssl
+       if [[ -f config/policy-keystore ]]; then
+           # install policy keystore if present
+           cp config/policy-keystore ${POLICY_HOME}/etc/ssl
+       fi
 
        if [[ -x config/drools-tweaks.sh ]] ; then
                echo "Executing tweaks"

diff --git a/packages/docker/src/main/docker/docker-install.sh b/packages/docker/src/main/docker/docker-install.sh
index 4c647f1..c17cba2 100644 (file)
--- a/packages/docker/src/main/docker/docker-install.sh
+++ b/packages/docker/src/main/docker/docker-install.sh
@@ -239,6 +239,20 @@ function configure_settings() {
        
 }
 
+function configure_keystore() {
+       if [[ $DEBUG == y ]]; then
+               echo "-- ${FUNCNAME[0]} $@ --"
+               set -x
+       fi
+
+    local DEFAULT_KEYSTORE_PASSWORD="Pol1cy_0nap"
+
+       if [[ -n ${KEYSTORE_PASSWD} ]]; then
+           keytool -storepasswd -storepass ${DEFAULT_KEYSTORE_PASSWORD} -keystore ${POLICY_HOME}/etc/ssl/policy-keystore -new ${KEYSTORE_PASSWD}
+           keytool -list -keystore ${POLICY_HOME}/etc/ssl/policy-keystore -storepass ${KEYSTORE_PASSWD}
+       fi
+}
+
 
 function check_r_file() {
        if [[ $DEBUG == y ]]; then
@@ -329,7 +343,8 @@ function configure_base() {
        configure_component "${BASE_CONF}" "${POLICY_HOME}"
        
        configure_settings
-       
+       configure_keystore
+
        BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh"
        PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh"
 

diff --git a/policy-management/src/main/server/config/system.properties b/policy-management/src/main/server/config/system.properties
index fbac119..7f92c87 100644 (file)
--- a/policy-management/src/main/server/config/system.properties
+++ b/policy-management/src/main/server/config/system.properties
@@ -28,7 +28,7 @@ com.sun.management.jmxremote.ssl=false
 
 # certs
 
-javax.net.ssl.trustStore=/opt/app/policy/etc/ssl/policy-keystore
+javax.net.ssl.trustStore=${{POLICY_HOME}}/etc/ssl/policy-keystore
 javax.net.ssl.trustStorePassword=${{KEYSTORE_PASSWD}}
 
 # standard logging